Embodiments of the inventive concepts described herein relate to electronic devices for authenticating an application and an operating method thereof.
With the widespread adoption of internet of things (IoT) devices, there may be a trend towards securely storing at least some user data in each IoT device. If an IoT device obtains such data and connects with a device of a malicious user, this can lead to a security incident. Encryption/decryption technologies can be used such that a malicious user may not access data stored in the IoT device. However, IoT devices may fail to securely protect their encryption/decryption keys.
To address such problems, some conventional technologies may securely store a key in a trusted execution environment (TEE) using TrustZone and then store data. However, the corresponding technologies may be vulnerable to a sham attack using malware.